
A System and Method for Automating Records Declaration of Encrypted Documents

Publishing Venue

The IP.com Prior Art Database

Abstract

Many government agencies would like to implement automated records collection and declaration. However, encrypted documents cannot be automatically collected. Currently, users must go through many manual steps to decrypt and save the document for records declaration. Most organizations do not have the resources for this. The result is that encrypted documents are excluded from records management, contrary to statutory requirement. This affects a growing portion of emails in the federal space. This idea simplifies the user action needed to save decrypted documents for the purpose of records management. In a nutshell, it takes advantage of the constraint that PKI-encrypted content (e.g. email) can be decrypted only by the intended recipient, who has the private key, at the client workstation. When the intended recipient decrypts the content (to read it), this method gives the recipient a choice to save the decrypted copy to the content server (e.g. email server), where content-collecting tools collect and declare the copy as a record in the Records Management Application (RMA).

Country

Undisclosed

Language

English (United States)

This text was extracted from a PDF file.

This is the abbreviated version, containing approximately 43% of the total text.

One key obstacle preventing government agencies from rolling out records management as required by U.S. Public Law is the amount of manual effort required of the business user to declare records. This manual labor is particularly inhibitive when declaring PKI-encrypted emails as records.

PKI encryption protects the confidentiality of official documents (e.g. email) at rest and in transit over the network. The PKI encryption/decryption process follows these steps:

1. The source computer (SC) generates a one-time secret key (SK)

2. SC encrypts the content of the document (Doc) using a symmetric encryption algorithm with SK

3. SC encrypts SK using an asymmetric encryption algorithm with the PKI Public Key (PK) of the intended Recipient (RC), packaging the encrypted SK with the encrypted Doc

Since only the intended recipient has access to the Private Key, no one else can decrypt the document, including any application that collects and automatically declares documents as records into a Records Management Application (RMA).

For records management, records professionals other than the original intended recipient need to have full access to the document in RMA (now known as a record). For this reason, Records Management Policies typically require that encrypted documents be decrypted prior to being declared as a record in the RMA.

To enable an application to declare PKI-encrypted emails as records from the email server, this invention proposes that a Client Record Indicator (CRI) plug-in be included with the email client. The CRI takes advantage of the fact that encrypted documents are already decrypted in memory when viewed on the client computer today: it re-encrypts the decrypted copy with the email server's public key (for in-transit protection) and saves it over the network back to the email server. The email server decrypts this CRI-indicated email and stores it in the original email folder. The record-declaring application then declares the email as a record into the RMA.

The CRI requires at most one click on the part of the intended email recipient, thus eliminating the major complaint that records management burdens the already overloaded business user.
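The three encryption steps and the CRI re-encryption described above, as an added example that is not part of the original disclosure. AES-256-GCM, RSA-OAEP, the keys, the sample message and all function names are assumptions; the disclosure names no algorithms.

```javascript
// Added example (not from the disclosure). AES-256-GCM and RSA-OAEP are assumed
// algorithm choices; all function names here are hypothetical.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Steps 1-3: seal doc so that only the holder of pubKey's private key can read it.
function seal(pubKey, doc) {
  const sk = crypto.randomBytes(32);                                     // step 1: one-time SK
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', sk, nonce);
  const ciphertext = Buffer.concat([c.update(doc), c.final()]);          // step 2: Doc under SK
  const wrappedSK = crypto.publicEncrypt({ key: pubKey, ...OAEP }, sk);  // step 3: SK under PK
  return { wrappedSK, nonce, ciphertext, tag: c.getAuthTag() };
}

// Reverse of seal; throws if privKey does not match or the envelope was altered.
function open(privKey, env) {
  const sk = crypto.privateDecrypt({ key: privKey, ...OAEP }, env.wrappedSK);
  const d = crypto.createDecipheriv('aes-256-gcm', sk, env.nonce);
  d.setAuthTag(env.tag);
  return Buffer.concat([d.update(env.ciphertext), d.final()]);
}

// CRI "Save for Records": decrypt in client memory, re-seal to the email server's key.
function saveForRecords(recipientPriv, serverPub, env) {
  return seal(serverPub, open(recipientPriv, env));
}

// True when privKey can open env, false otherwise.
function canOpen(privKey, env) {
  try { open(privKey, env); return true; } catch (e) { return false; }
}

// Constructed keys and message: sender -> recipient -> CRI -> email server.
function demo() {
  const recipient = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const server = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const doc = Buffer.from('Subject: contract award (constructed sample)');
  const inbound = seal(recipient.publicKey, doc);
  const serverCopy = saveForRecords(recipient.privateKey, server.publicKey, inbound);
  return {
    serverReadsInbound: canOpen(server.privateKey, inbound),     // collection tool is locked out
    recipientReadsCopy: canOpen(recipient.privateKey, serverCopy),
    storedText: open(server.privateKey, serverCopy).toString(),  // what the server stores
    docText: doc.toString(),
  };
}

console.log(demo());
```

The server-side copy is sealed with a fresh one-time key, so the recipient's private key is never sent to or needed by the server.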

Configuration 1: One-click. A "Save for Records" button re-encrypts the decrypted document using the email server's public key for transmission to and storage on the server. Specifically, the client generates a one-time secret key, encrypts the clear text content in memory with that secret key, then encrypts the secret key with the email server's public key. This encrypted copy (email itself along with encrypted secret key) is transmitted to and stored on the machine tha...